﻿
using JWT;
using JWT.Algorithms;
using JWT.Serializers;
using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;
using System.Web;
using System.Web.Http;
using System.Web.Http.Controllers;
using WebApplication1.Models;

namespace WebApplication1.Attributes
{
    public class ApiAuthorizeAttribute : AuthorizeAttribute
    {
        protected override bool IsAuthorized(HttpActionContext actionContext)
        {
            //var authHeader = from t in actionContext.Request.Headers where t.Key == "auth" select t.Value.FirstOrDefault();
            //if (authHeader != null)
            //{s
            string token = actionContext.Request.Headers.Authorization.ToString();
            if (!string.IsNullOrEmpty(token))
            {
                //try
                //{
                const string secret = "1233sf45dhh6789000dgfj000000";
                //secret需要加密
                IJwtAlgorithm algorithm = new HMACSHA256Algorithm();
                IJsonSerializer serializer = new JsonNetSerializer();
                IDateTimeProvider provider = new UtcDateTimeProvider();
                IJwtValidator validator = new JwtValidator(serializer, provider);
                IBase64UrlEncoder urlEncoder = new JwtBase64UrlEncoder();
                IJwtDecoder decoder = new JwtDecoder(serializer, validator, urlEncoder, algorithm);

                var json = decoder.DecodeToObject<AuthInfo>(token, Encoding.UTF8.GetBytes(secret), verify: true);
                if (json != null)
                {
                    actionContext.RequestContext.RouteData.Values.Add("auth", json);
                    return true;
                }
                return false;
                //}
                //catch (Exception ex)
                //{
                //    return false;
                //}
            }
            //}
            return false;
        }
    }
}